Expand assumes to the other unchecked slice ops

saethlin · saethlin · commit 2c76737d4ba5 · 2024-02-13T13:15:39.000-05:00
diff --git a/library/core/src/slice/index.rs b/library/core/src/slice/index.rs
@@ -246,7 +246,10 @@ unsafe impl<T> SliceIndex<[T]> for usize {
             "slice::get_unchecked_mut requires that the index is within the slice",
         );
         // SAFETY: see comments for `get_unchecked` above.
-        unsafe { slice.as_mut_ptr().add(self) }
+        unsafe {
+            crate::hint::assert_unchecked(self < slice.len());
+            slice.as_mut_ptr().add(self)
+        }
     }
 
     #[inline]
@@ -298,7 +301,10 @@ unsafe impl<T> SliceIndex<[T]> for ops::IndexRange {
         // cannot be longer than `isize::MAX`. They also guarantee that
         // `self` is in bounds of `slice` so `self` cannot overflow an `isize`,
         // so the call to `add` is safe.
-        unsafe { ptr::slice_from_raw_parts(slice.as_ptr().add(self.start()), self.len()) }
+        unsafe {
+            crate::hint::assert_unchecked(self.end() <= slice.len());
+            ptr::slice_from_raw_parts(slice.as_ptr().add(self.start()), self.len())
+        }
     }
 
     #[inline]
@@ -308,7 +314,10 @@ unsafe impl<T> SliceIndex<[T]> for ops::IndexRange {
             "slice::get_unchecked_mut requires that the index is within the slice",
         );
         // SAFETY: see comments for `get_unchecked` above.
-        unsafe { ptr::slice_from_raw_parts_mut(slice.as_mut_ptr().add(self.start()), self.len()) }
+        unsafe {
+            crate::hint::assert_unchecked(self.end() <= slice.len());
+            ptr::slice_from_raw_parts_mut(slice.as_mut_ptr().add(self.start()), self.len())
+        }
     }
 
     #[inline]
@@ -368,6 +377,7 @@ unsafe impl<T> SliceIndex<[T]> for ops::Range<usize> {
         // `self` is in bounds of `slice` so `self` cannot overflow an `isize`,
         // so the call to `add` is safe and the length calculation cannot overflow.
         unsafe {
+            crate::hint::assert_unchecked(self.end <= slice.len());
             let new_len = unchecked_sub(self.end, self.start);
             ptr::slice_from_raw_parts(slice.as_ptr().add(self.start), new_len)
         }
@@ -381,6 +391,7 @@ unsafe impl<T> SliceIndex<[T]> for ops::Range<usize> {
         );
         // SAFETY: see comments for `get_unchecked` above.
         unsafe {
+            crate::hint::assert_unchecked(self.end <= slice.len());
             let new_len = unchecked_sub(self.end, self.start);
             ptr::slice_from_raw_parts_mut(slice.as_mut_ptr().add(self.start), new_len)
         }
diff --git a/tests/codegen/issues/issue-116878.rs b/tests/codegen/issues/issue-116878.rs
@@ -10,3 +10,27 @@ pub unsafe fn unchecked_slice_no_bounds_check(s: &[u8]) -> u8 {
     // CHECK-NOT: panic_bounds_check
     a + s[0]
 }
+
+// CHECK-LABEL: @unchecked_slice_no_bounds_check_mut
+#[no_mangle]
+pub unsafe fn unchecked_slice_no_bounds_check_mut(s: &mut [u8]) -> u8 {
+    let a = *s.get_unchecked_mut(2);
+    // CHECK-NOT: panic_bounds_check
+    a + s[1]
+}
+
+// CHECK-LABEL: @unchecked_slice_no_bounds_check_range
+#[no_mangle]
+pub unsafe fn unchecked_slice_no_bounds_check_range(s: &[u8]) -> u8 {
+    let _a = &s.get_unchecked(..1);
+    // CHECK-NOT: panic_bounds_check
+    s[0]
+}
+
+// CHECK-LABEL: @unchecked_slice_no_bounds_check_range_mut
+#[no_mangle]
+pub unsafe fn unchecked_slice_no_bounds_check_range_mut(s: &mut [u8]) -> u8 {
+    let _a = &mut s.get_unchecked_mut(..2);
+    // CHECK-NOT: panic_bounds_check
+    s[1]
+}
